Findomain – A Cross-Platform Tool That Use Certificate Transparency Logs To Find Subdomains

A cross-platform tool that use Certificates ^(https://www.kitploit.com/search/label/Certificates) Transparency ^(https://www.kitploit.com/search/label/Transparency) logs to find subdomains. We currently support Linux, Windows and MacOS.
Certificate Transparency ^(https://www.kitploit.com/search/label/Certificate%20Transparency) logs to find subdomains and it method make it tool very faster and reliable. If you want to know more about Certificate Transparency logs, read https://www.certificate-transparency.org/ ^(https://www.certificate-transparency.org/)

Installation Linux
If you want to install it, you can do that manually compiling the source or using the precompiled binary.
Manually: You need to have Rust ^(https://www.rust-lang.org/) installed in your computer first.

$ git clone https://github.com/Edu4rdSHL/findomain.git
$ cd findomain
$ cargo build --release
$ sudo cp target/release/findomain /usr/bin/
$ findomain

Using the binary:

$ git clone https://github.com/Edu4rdSHL/findomain.git
$ sudo cp findomain/bin/findomain /usr/bin
$ findomain

If you are using the BlackArch Linux ^(https://blackarch.org/) distribution, you just need to use:

$ sudo pacman -S findomain

Installation Windows
Download the binary from https://github.com/Edu4rdSHL/findomain/tree/master/bin/windows ^(https://github.com/Edu4rdSHL/findomain/tree/master/bin/windows) and use it.

Installation MacOS
Download the binary from https://github.com/Edu4rdSHL/findomain/tree/master/bin/osx ^(https://github.com/Edu4rdSHL/findomain/tree/master/bin/osx) and use it.

Usage
You can use the tool in two ways, only discovering the domain name or discovering the domain + the IP address.

findomain 0.1.3
Eduard Tolosa
A tool that use Certificates Transparency logs to find subdomains.

USAGE:
findomain [FLAGS] [OPTIONS]

FLAGS:
-h, --help Prints help information
-i, --get-ip Return the subdomain list with IP address if resolved.
-V, --version Prints version information

OPTIONS:
-f, --file Sets the input file to use.
-o, --output Write data to output file in the specified format. [possible values: txt, csv, json]
-t, --target Target host

Features

  • Discover subdomains without brute-force, it tool uses Certificate Transparency Logs.
  • Discover subdomains with or without IP address according to user arguments.
  • Read target from user argument (-t).
  • Read a list of targets from file and discover their subdomains with or without IP and also write to output files per-domain if specified by the user, recursively.
  • Write output to TXT file.
  • Write output to CSV file.
  • Write output to JSON file.
  • Cross platform support: Linux, Windows, MacOS.
Download Findomain ^(https://github.com/Edu4rdSHL/findomain)

Findomain – A Tool That Use Certificate Transparency Logs To Find Subdomains

A instrument that use Certificates Transparency ^(https://en.wikipedia.org/wiki/Certificate_Transparency) logs to seek out subdomains.

How it really works?
It instrument does not use the typical strategies for sub(domain names) uncover, the instrument makes use of Certificate Transparency ^(https://www.kitploit.com/search/label/Certificate%20Transparency) logs to seek out subdomains and it manner make it instrument very sooner and dependable. If you wish to have to grasp extra about Certificate Transparency logs, learn https://www.certificates-transparency.org/ ^(https://www.certificate-transparency.org/)
Rust ^(https://www.rust-lang.org/) put in on your pc first.

$ git clone https://github.com/Edu4rdSHL/findomain.git
$ cd findomain
$ shipment construct --release
$ sudo cp goal/launch/findomain /usr/bin/
$ findomain

Using the binary:

$ git clone https://github.com/Edu4rdSHL/findomain.git
$ sudo cp findomain/bin/findomain /usr/bin
$ findomain

Usage
You can use the instrument in two tactics, handiest finding the area title or finding the area + the IP deal with.

Usage:

findomain -i Return the subdomain record with IP deal with if resolved.
findomain Return the subdomain record with out IP deal with.
findomain -f Return the subdomain record for host laid out in a record.
findomain -i -f Return the subdomain record for host laid out in a record with IP deal with if resolved.

Demo

^(https://asciinema.org/a/k5KdfXZ62db9xgPF9p619FYGa)
Download Findomain ^(https://github.com/Edu4rdSHL/findomain)